In most online public file systems such as Dropbox, Google Drive, SkyDrive, etc., files and/or documents are owned by individual people who are responsible for managing the sharing permissions of the document and/or file. Thus, each user decides which files and/or documents he or she wants to make public, which files and documents are private (visible only to the owner) and which files and/or documents may be shared with a limited set of users and/or groups.
This paradigm in which the files and/or documents are owned by the user is well suited for collaborative work among small teams, but does not scale up to large organizations with hundreds or thousands of users. In this paradigm, work-related documents that belong to the organization from a legal and intellectual property point of view, are “owned” in the document system by the individual users. Due to this ownership by an individual, critical information can be lost when an employee leaves the organization, or by accident when the owner deletes a file without realizing that it was shared and used by other co-workers.
There have been systems that have attempted to solve the above problems. One system is a cloud backup solutions, such as for example Backupify, that addresses the problem of accidental data loss by storing copies of the files outside of the public file system. When a document is lost, the backup system can restore the backup copy. Another system is a security audit solutions, such as for example CloudLock, that addresses the problem of controlling the sharing permissions of the files. These tool perform a periodic scan of the files and provide a detailed report of which file(s) are shared with which users or groups, with a specific focus on files that are made visible outside of the organization.
These known backup and audit solutions are only a partial answer to the problem of managing corporate documents for several reasons. First, these tools only detect and fix problems that have already happened, finding and restoring a lost file can take time and audit tools can only find security breaches after (and sometimes, a long time after) the misconfiguration has been done. In addition, backup copies may be sometimes incomplete (for example, a backup copy of a Google Document only contains the content of the document, but not the collaborative comments attached to it). Furthermore, these tools do not address the “ownership” issue, which is the root cause of the problems: despite the deployment of a centralized backup system and a security audit tool, files are still owned by individual users rather than by the organization.